Admin Console Taking Long Time to Login when Using an External LDAP
(Doc ID 2780501.1)
Last updated on JANUARY 13, 2023
Applies to:
Oracle WebLogic Server - Version 12.2.1.3.0 and laterInformation in this document applies to any platform.
Symptoms
Using the WebLogic account to login into the Administration console, takes around 3 minutes.
The domain was defined with a number authentication providers, but 2 of them are relevant for this scenario.
- ActiveDirectoryAuthenticator
- DefaultAuthenticator
The order of these providers is critical, because when authenticating a user, WLS will attempt with all of them in that order, and depending on the results of the LDAP query and the value of the control flag for each provider.
The best way to troubleshoot this type of issues is enabling ATN debug flags for the AdminServer.
Enable ATN debug flags for the AdminServer
From the WLS console, go to Servers > AdminServer > Debug
Navigate to ATN as seen in the image and enable it:
Then set logging to debug for the AdminServer, going to AdminServer > Logging > General > Advanced, setting minimum severity to log to Debug, and standard out/severity level to Debug:
Collecting evidence
Given this issue was consistent, it was replicated easily, collecting the evidence from the WLS log file, where clearly a huge gap was seen when WLS was dealing with the ActiveDirectoryAuthenticator.
The output after enabling ATN is pretty verbose, but let's concentrate on few keywords:
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Enable ATN debug flags for the AdminServer |
| Collecting evidence |
| Changes |
| Cause |
| Solution |